
Assessor_New_V4 Questions and Answers

Question # 6

What process is required by PCI DSS for protecting card-reading devices at the point-of-sale?

A. Devices are periodically inspected to detect unauthorized card skimmers.
B. The serial number of each device is periodically verified with the device manufacturer.
C. Device identifiers and security labels are periodically replaced.
D. Devices are physically destroyed if there is suspicion of compromise.

Question # 7

A sample of business facilities is reviewed during the PCI DSS assessment. What is the assessor required to validate about the sample?

A. It includes a consistent set of facilities that are reviewed for all assessments.
B. The number of facilities in the sample is at least 10 percent of the total number of facilities.
C. Every facility where cardholder data is stored is reviewed.
D. All types and locations of facilities are represented.

Question # 8

At which step in the payment transaction process does the merchant's bank pay the merchant for the purchase and the cardholder's bank bill the cardholder?

A. Authorization
B. Clearing
C. Settlement
D. Chargeback

Question # 9

Which of the following is an example of multi-factor authentication?

A. A token that must be presented twice during the login process.
B. A user passphrase and an application-level password.
C. A user password and a PIN-activated smart card.
D. A user fingerprint and a user thumbprint.

Question # 10

What would be an appropriate strength for the key-encrypting key (KEK) used to protect an AES 128-bit data-encrypting key (DEK)?

A. DES256
B. RSA512
C. AES 128
D. ROT 13

Question # 11

An LDAP server providing authentication services to the cardholder data environment is:

A. in scope for PCI DSS.
B. not in scope for PCI DSS.
C. in scope only if it stores, processes, or transmits cardholder data.
D. in scope only if it provides authentication services to systems in the DMZ.

Question # 12

What must be included in an organization's procedures for managing visitors?

A. Visitors are escorted at all times within areas where cardholder data is processed or maintained.
B. Visitor badges are identical to badges used by onsite personnel.
C. The visitor log includes visitor name, address, and contact phone number.
D. Visitors retain their identification (for example, a visitor badge) for 30 days after completion of the visit.

Question # 13

The intent of assigning a risk ranking to vulnerabilities is to:

A. Ensure all vulnerabilities are addressed within 30 days.
B. Replace the need for quarterly ASV scans.
C. Prioritize the highest-risk items so they can be addressed more quickly.
D. Ensure that critical security patches are installed at least quarterly.

Question # 14

Where an entity under assessment is using the customized approach, which of the following steps is the responsibility of the assessor?

A. Monitor the control.
B. Derive testing procedures and document them in Appendix E of the ROC.
C. Document and maintain evidence about each customized control as defined in Appendix E of PCI DSS.
D. Perform the targeted risk analysis as per PCI DSS requirement 12.3.2.

Question # 15

Which of the following describes "stateful responses" to communication initiated by a trusted network?

A. Administrative access to respond to requests to change the firewall is limited to one individual at a time.
B. Active network connections are tracked so that invalid "response" traffic can be identified.
C. A current baseline of application configurations is maintained and any misconfiguration is responded to promptly.
D. Logs of user activity on the firewall are correlated to identify and respond to suspicious behavior.

Question # 16

Which statement about PAN is true?

A. It must be protected with strong cryptography for transmission over private wireless networks.
B. It must be protected with strong cryptography for transmission over private wired networks.
C. It does not require protection for transmission over public wireless networks.
D. It does not require protection for transmission over public wired networks.

Question # 17

Which scenario describes segmentation of the cardholder data environment (CDE) for the purposes of reducing PCI DSS scope?

A. Routers that monitor network traffic flows between the CDE and out-of-scope networks.
B. Firewalls that log all network traffic flows between the CDE and out-of-scope networks.
C. Virtual LANs that route network traffic between the CDE and out-of-scope networks.
D. A network configuration that prevents all network traffic between the CDE and out-of-scope networks.

Question # 18

If disk encryption is used to protect account data, what requirement should be met for the disk encryption solution?

A. Access to the disk encryption must be managed independently of the operating system access control mechanisms.
B. The disk encryption system must use the same user account authenticator as the operating system.
C. The decryption keys must be associated with the local user account database.
D. The decryption keys must be stored within the local user account database.